DETAILED ACTION

This action is responsive to the application filed January 22, 2004. Claims 1-27 
are pending. Claims 1-27 represent network architecture and related methods for 
surviving denial of service attacks. 



Claim Rejections - 35 USC § 101 

1. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

Claim 22 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 22 teaches a system for mitigating 
against a denial of service attack. Page 16, lines 11-18 of the specification reads "each
probing system, could also be implemented in hardware or any combination of 
hardware, firmware, logic and software." The idea that the system can be embodied 
fully in software makes the system software per se and non-statutory.



Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
(b) the invention was patented or described in a printed publication in this or a foreign country or in public
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1, 2, 4-22, and 27 are rejected under 35 U.S.C. 102(e) as being
anticipated by Chan et al., U.S. Patent No. 6,192,054. 

Chan teaches the invention as claimed including an acceleration of data network 
traffic between two nodes through the elimination of node latency by bypassing nodes 
which are not participating in communication (see abstract). 

Regarding claim 1, Chan teaches an overlay network for maintaining traffic flow
between a client and a server during a denial of service attack, comprising: a set of 
overlay nodes, coupled between the client and the server, wherein each overlay node 
comprises: 

a ranking module configured to rank the overlay nodes based on a performance 
metric, wherein an overlay node with a higher-ranking indicates that the overlay node 
has better performance for transferring traffic to the server than overlay nodes with 
lower-rankings (col. 1, line 57 - col. 2, line 14, Chan discloses ranking of nodes on a
network based on performance); and 

a probing module configured to probe a portion of the overlay nodes with higher- 
rankings more frequently than overlay nodes with lower-rankings during probing 
intervals (col. 4, lines 10-29, col. 13, lines 6-32, Chan discloses a highest ranking node 
that is probed most frequently). 

Regarding claim 2, Chan teaches the overlay network as recited in claim 1,
wherein each overlay node further comprises a path selection module, configured to 
dynamically select an overlay node with a highest-rankings to be included as part of a 
pathway for transferring traffic to the server (col. 13, lines 6-32, Chan discloses the 
highest ranking node dynamically included in the network data path). 

Regarding claim 4, Chan teaches the overlay network as recited in claim 1,
further comprising one or more target nodes, configured to transfer the traffic from one 
or more of the overlay nodes directly to the server, the one or more target nodes having 
exclusive knowledge of an identity for the server (col. 7, lines 38-67, Chan discloses 
nodes sending data to a server). 

Regarding claim 5, Chan teaches the overlay network as recited in claim 1,
wherein each overlay node is virtually connected to each other (col. 1, lines 51-56, 
Chan discloses all the nodes connected to one another). 

Regarding claim 6, Chan teaches the overlay network as recited in claim 1,
wherein the performance metric includes at least one of: available bandwidth, latency, 
loss rate, and jitter; and wherein an overlay node with a higher-ranking indicates that the 
overlay node has better performance for transferring traffic to the server than overlay 
nodes with lower-rankings, the better performance including at least one of: more 
available bandwidth, less jitter, lower latency, and less packet loss (col. 1, lines 8-14, 
col. 1, line 51 - col. 2, line 14, Chan discloses the higher ranking nodes having lower
latency). 

Regarding claim 7, Chan teaches the overlay network as recited in claim 1,
wherein the ranking module is further configured to determine whether the portion of 
overlay nodes with higher-rankings continue to have better performance for transferring 
traffic to the server than one or more of the overlay nodes with lower-rankings after a 
probing interval (col. 13-15). 

Regarding claim 8, Chan teaches the overlay network as recited in claim 1,
wherein the ranking module is configured to demote the rankings of the portion of 
overlay nodes with higher-rankings to lower-rankings if the portion of overlay nodes with 
higher-rankings have worse performance for transferring traffic to the server than one or 
more of the overlay nodes with lower-rankings after a probing interval (col. 13-15). 

Regarding claim 9, Chan teaches the overlay network as recited in claim 1, 
wherein the traffic is data (col. 1, lines 8-14).

Regarding claim 17, Chan teaches the method as recited in claim 10, further 
comprising determining whether the portion of overlay nodes with higher-rankings 
continue to have better performance for transferring traffic to a target than one or more 
of the overlay nodes with lower-rankings after a probing interval; and promoting the
rankings of one or more of the overlay nodes with lower-rankings to higher-rankings, if 
the portion of overlay nodes with higher-rankings have worse performance for 
transferring traffic to a target than one or more of the overlay nodes with lower-rankings 
(col. 13-15). 

Claims 10-16, 18-22, and 27 do not teach or define any new limitations above
claims 1, 2, 4-9, and 17 and therefore are rejected for similar reasons. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 3 and 23-26 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Chan et al. further in view of Corrigan et al., U.S. Patent Publication No. 
2004/0148357. 

Chan teaches the invention substantially as claimed including an acceleration of 
data network traffic between two nodes through the elimination of node latency by 
bypassing nodes which are not participating in communication (see abstract). 



As to claim 3, Chan teaches the method of claim 1.



Application/Control Number: 10/762,391 Page 7 

Art Unit: 2157 

Chan does not explicitly teach an access node, configured to authenticate traffic 
directed to the server from the client, and forward authenticated traffic to one or more of 
the overlay nodes. 

However, Corrigan teaches a messaging gateway for use by mobile networks 
(see abstract). Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify Chan in view of Corrigan to use an access node, configured to 
authenticate traffic directed to the server from the client, and forward authenticated 
traffic to one or more of the overlay nodes. One would be motivated to do so because it 
guarantees confidentiality and integrity of all traffic. 

Regarding claim 23, Chan teaches an overlay network to mitigate a denial of 
service attack, comprising: target nodes configured to transfer the traffic previously 
authenticated by the access nodes to the server; and overlay nodes, coupled between 
the access nodes and the target nodes, configured to route the traffic from the access 
nodes to the target nodes by selecting a best end-to-end path between the client and 
the server based in accordance with at least one performance metric (col. 1, line 57 -
col. 2, line 14, col. 4, lines 10-29, col. 13-15). 

Chan does not explicitly teach access nodes configured to authenticate traffic 
directed to the server from the client. 

However, Corrigan teaches the use of validation nodes (paragraph 51). 

It would have been obvious to one of ordinary skill in the art at the time of the
invention to modify Chan in view of Corrigan to use access nodes configured to 
authenticate traffic directed to the server from the client. One would be motivated to do 
so because it guarantees confidentiality and integrity of all traffic. 

Regarding claim 24, Chan teaches the overlay network as recited in claim 23, 
wherein each overlay node is configured to dynamically select, a best target node for 
accessing the server and a best path to reach that target node (col. 13-15). 

Regarding claim 25, Chan teaches the overlay network as recited in claim 24, 
wherein the best path is selected via a best next hop measured in terms of the at least 
one performance metric (col. 13-15). 

Regarding claim 26, Chan teaches the overlay network as recited in claim 23, 
wherein each overlay node comprises: a ranking module configured to rank the overlay 
nodes based on the performance metric, wherein an overlay node with a higher-ranking 
indicates that the overlay node has better performance for transferring traffic to one of 
the target nodes than overlay nodes with lower-rankings; and a probing module 
configured to probe a portion of the overlay nodes with higher-rankings more frequently 
than overlay nodes with lower-rankings during probing intervals (col. 1, line 57 - col. 2,
line 14, col. 4, lines 10-29, col. 13-15). 

Conclusion

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Pat. No. 5,539,659 to McKee et al., because it discloses ranking of nodes. 
U.S. Pat. No. 5,802,503 to Sansone, because it discloses nodes that are ranked 
and weighted. 

U.S. Pat. Publication No. 2002/0002686 to Vange et al., because it discloses a 
method and system for overcoming denial of service attacks. 

U.S. Pat. No. 7,185,077 to OToole et al., because it discloses performance 
metrics of a network and an overlay network of nodes. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to AVI GOLD whose telephone number is (571)272-4002. 
The examiner can normally be reached on M-F 8:00-5:30 (1st Friday Off). 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ario Etienne can be reached on 571-272-4001. The fax phone number for
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Avi Gold 
Patent Examiner 
Art Unit 2157 
AMG 

/Ario Etienne/ 

Supervisory Patent Examiner, Art Unit 2157 



